Tracking the next pandemic: Avian Flu Talk |
Electricity Grid in U.S. Penetrated By Spies |
Post Reply |
Author | |
coyote
Admin Group Joined: April 25 2007 Location: United States Status: Offline Points: 8395 |
Post Options
Thanks(0)
Posted: April 08 2009 at 4:19am |
*
* TECHNOLOGY * APRIL 8, 2009 Electricity Grid in U.S. Penetrated By Spies By SIOBHAN GORMAN [Robert Moran monitors an electric grid in Dallas. Such infrastructure grids across the country are vulnerable to cyberattacks.] Associated Press Robert Moran monitors an electric grid in Dallas. Such infrastructure grids across the country are vulnerable to cyberattacks. WASHINGTON -- Cyberspies have penetrated the U.S. electrical grid and left behind software programs that could be used to disrupt the system, according to current and former national-security officials. The spies came from China, Russia and other countries, these officials said, and were believed to be on a mission to navigate the U.S. electrical system and its controls. The intruders haven't sought to damage the power grid or other key infrastructure, but officials warned they could try during a crisis or war. "The Chinese have attempted to map our infrastructure, such as the electrical grid," said a senior intelligence official. "So have the Russians." The espionage appeared pervasive across the U.S. and doesn't target a particular company or region, said a former Department of Homeland Security official. "There are intrusions, and they are growing," the former official said, referring to electrical systems. "There were a lot last year." Discuss * How worried are you that a cyberattack could damage U.S. infrastructure? Many of the intrusions were detected not by the companies in charge of the infrastructure but by U.S. intelligence agencies, officials said. Intelligence officials worry about cyber attackers taking control of electrical facilities, a nuclear power plant or financial networks via the Internet. Authorities investigating the intrusions have found software tools left behind that could be used to destroy infrastructure components, the senior intelligence official said. He added, "If we go to war with them, they will try to turn them on." Officials said water, sewage and other infrastructure systems also were at risk. "Over the past several years, we have seen cyberattacks against critical infrastructures abroad, and many of our own infrastructures are as vulnerable as their foreign counterparts," Director of National Intelligence Dennis Blair recently told lawmakers. "A number of nations, including Russia and China, can disrupt elements of the U.S. information infrastructure." Officials cautioned that the motivation of the cyberspies wasn't well understood, and they don't see an immediate danger. China, for example, has little incentive to disrupt the U.S. economy because it relies on American consumers and holds U.S. government debt. But protecting the electrical grid and other infrastructure is a key part of the Obama administration's cybersecurity review, which is to be completed next week. Under the Bush administration, Congress approved $17 billion in secret funds to protect government networks, according to people familiar with the budget. The Obama administration is weighing whether to expand the program to address vulnerabilities in private computer networks, which would cost billions of dollars more. A senior Pentagon official said Tuesday the Pentagon has spent $100 million in the past six months repairing cyber damage. Overseas examples show the potential havoc. In 2000, a disgruntled employee rigged a computerized control system at a water-treatment plant in Australia, releasing more than 200,000 gallons of sewage into parks, rivers and the grounds of a Hyatt hotel. Last year, a senior Central Intelligence Agency official, Tom Donohue, told a meeting of utility company representatives in New Orleans that a cyberattack had taken out power equipment in multiple regions outside the U.S. The outage was followed with extortion demands, he said. The U.S. electrical grid comprises three separate electric networks, covering the East, the West and Texas. Each includes many thousands of miles of transmission lines, power plants and substations. The flow of power is controlled by local utilities or regional transmission organizations. The growing reliance of utilities on Internet-based communication has increased the vulnerability of control systems to spies and hackers, according to government reports. [Chart] The sophistication of the U.S. intrusions -- which extend beyond electric to other key infrastructure systems -- suggests that China and Russia are mainly responsible, according to intelligence officials and cybersecurity specialists. While terrorist groups could develop the ability to penetrate U.S. infrastructure, they don't appear to have yet mounted attacks, these officials say. It is nearly impossible to know whether or not an attack is government-sponsored because of the difficulty in tracking true identities in cyberspace. U.S. officials said investigators have followed electronic trails of stolen data to China and Russia. Russian and Chinese officials have denied any wrongdoing. "These are pure speculations," said Yevgeniy Khorishko, a spokesman at the Russian Embassy. "Russia has nothing to do with the cyberattacks on the U.S. infrastructure, or on any infrastructure in any other country in the world." A spokesman for the Chinese Embassy in Washington, Wang Baodong, said the Chinese government "resolutely oppose[s] any crime, including hacking, that destroys the Internet or computer network" and has laws barring the practice. China was ready to cooperate with other countries to counter such attacks, he said, and added that "some people overseas with Cold War mentality are indulged in fabricating the sheer lies of the so-called cyberspies in China." Utilities are reluctant to speak about the dangers. "Much of what we've done, we can't talk about," said Ray Dotter, a spokesman at PJM Interconnection LLC, which coordinates the movement of wholesale electricity in 13 states and the District of Columbia. He said the organization has beefed up its security, in conformance with federal standards. In January 2008, the Federal Energy Regulatory Commission approved new protection measures that required improvements in the security of computer servers and better plans for handling attacks. Last week, Senate Democrats introduced a proposal that would require all critical infrastructure companies to meet new cybersecurity standards and grant the president emergency powers over control of the grid systems and other infrastructure. Specialists at the U.S. Cyber Consequences Unit, a nonprofit research institute, said attack programs search for openings in a network, much as a thief tests locks on doors. Once inside, these programs and their human controllers can acquire the same access and powers as a systems administrator. NERC Letter The North American Electric Reliability Corporation on Tuesday warned its members that not all of them appear to be adhering to cybersecuirty requirements. Read the letter. The White House review of cybersecurity programs is studying ways to shield the electrical grid from such attacks, said James Lewis, who directed a study for the Center for Strategic and International Studies and has met with White House reviewers. The reliability of the grid is ultimately the responsibility of the North American Electric Reliability Corp., an independent standards-setting organization overseen by the Federal Energy Regulatory Commission. The NERC set standards last year requiring companies to designate "critical cyber assets." Companies, for example, must check the backgrounds of employees and install firewalls to separate administrative networks from those that control electricity flow. The group will begin auditing compliance in July. —Rebecca Smith contributed to this article. Write to Siobhan Gorman at siobhan.gorman@wsj.com |
|
Long time lurker since day one to Member.
|
|
coyote
Admin Group Joined: April 25 2007 Location: United States Status: Offline Points: 8395 |
Post Options
Thanks(0)
|
Growing threat from cyber attacks: US general Apr 7 07:38 PM US/Eastern Cyber attacks pose an increasingly serious and costly threat to US government and commercial networks, a US general warned on Tuesday. The attacks range from relatively simple attempts by teenagers to highly sophisticated cyber assaults, General John Davis, deputy commander of the joint task force for global operations, told AFP. Although there were safeguards for military networks, attacks on commercial networks also were cause for concern, Davis said. "Even the indirect threat is of concern to us because a lot of our systems in the military ride over the commercial infrastructure," he said. The Pentagon several months ago was faced with "a particular worm that was concerning us that intruded into our military networks," Davis said. Last year the Defense Department prohibited the use of external computer flash drives to counter a virus threat. The Defense Department spent more than 100 million dollars in the past six months reparing the damage done by the cyber attacks, said Davis by telephone from a conference in Nebraska. The money was spent on technology and technicians -- including contractors -- to respond to the cyber attacks, he said. As an example, he said cleaning up a single affected computer cost between 5,000 to 7,000 dollars. But Davis said it was crucial to invest in preventing the cyber attacks instead of spending money afterward. "It would be a much wiser investment of resources to do that in a pro-active manner so we were preventing these things from being able to get into our networks." Davis welcomed plans presented Monday by Defense Secretary Robert Gates to fund an increase in cyber experts with stepped-up training efforts. Under the secretary's recommendations, the Pentagon would aim to train 250 cyber experts a year instead of the current 80 students. President Barack Obama has put a priority on cyber security and ordered an elaborate review of the issue. A top US cybersecurity official quit last month, complaining in a resignation letter that US cyber protection efforts were flawed and dominated by the super-secret National Security Agency (NSA). Copyright AFP 2008, AFP stories and photos shall not be published, broadcast, rewritten for broadcast or publication or redistributed directly or indirectly in any medium |
|
Long time lurker since day one to Member.
|
|
Guests
Guest Group |
Post Options
Thanks(0)
|
You run with this one Coyote. We are vulnerable and even more so now.
Medclinician |
|
sjf53
Valued Member Joined: April 06 2008 Location: Arizona Status: Offline Points: 400 |
Post Options
Thanks(0)
|
I think I will go rent the Bruce Willis movie "Live Free or Die Hard". (2007)
The movie is about the cyber attack on the United States' infrastructure on July 4th.
The action scenes are a little unbelievable but it shows the chaos that would take
place.as a result.
|
|
endman
V.I.P. Member Joined: February 16 2006 Status: Offline Points: 1232 |
Post Options
Thanks(0)
|
I think this show that we are loosing the intellectual war with Russia and China
Our kinds think more about sports than about computers. |
|
Turboguy
Admin Group Joined: October 27 2007 Status: Offline Points: 6079 |
Post Options
Thanks(0)
|
Nope Endman, it's all about the American Idol than what's going on in the world.
There's news programs where Idol bullScheiss takes precidence over goings on in the world. It's sad really...
|
|
Guests
Guest Group |
Post Options
Thanks(0)
|
IMHO The worm is currently in place and we have contacted President Obama's office concerning code solutions for this problem. Activation of this type of infestation could significantly effect the infrastructure. Touching this with a Quad (type of computer chip) only makes it really get hyper and extremely active. Last week a DOS was reported to us from our CTO in California which involved 20,000,000 computers working together to bombard a single location. Most of the users of the computers were unaware that their computer had been hooked using a type of peer to peer link and as a bounce location sending hits at thousands of times per second at the target. They also were masking and some of the jump paths were extremely complex.
Since large portions of this were reported by ABC news and on open net- I can post this. We currently estimate we will have an Internet overload by 2012 which will shut it down due to excess traffic and capacity. http://cecollect.com/ve/ZZ8160qwj77j26xOJ2#warning for more data for the data hungry on this go here http://news.bbc.co.uk/1/hi/programmes/click_online/6756899.stm okay- we'll just chalk that up to web traffic overload and jump through here instead http://tinyurl.com/24ahrm note Bill Thompson's comment. Most of .gov has made extreme efforts to disconnect from the Internet and is lowering its connects points to XXXXX locations by XXXXXX. There are absolute types of isolation which are extremely resistant to infiltration. SCADA is not one of them. Some systems by their very design have made themselves more vulnerable while attempting to be the very opposite. Due to the increase of private grid companies from XXXXX to XXXXXX and swapping of service nodes we have greater vulnerability. The hobby hac_ker has become much more sophisticated now working for not only private companies but the interior as well with monitoring nodes which infiltrate your system. Also hostiles and extremists teams actively are hitting many sensitive nodes thousands of times per day (at least). A simple way to track back who is watching you- and this does not evade or reveal law enforcement or .gov necessary presence is run cmd.exe and then type netstat.exe. This will give you a list of listening IP addresses on your system. By using an IP trace you can find out who it is and by modifying one of your system files you can block this IP. If you do not know what you are doing do not fuss with this. You could mess up your operating system and you have been warned. For many who have OS with their machine and no system disk- this could make you loose everything on your drive. Make you have to buy a new OS and loose all your information. You can view who is tracking you without endangering anything. Modifying your OS is another matter. Akimata- or something similiar to that has almost 30,000 users who infilitrate and install listening software and keyloggers on your system. All of this is relevant to a Pandemic in that a concurrent attack on our power and net with a bioweapon hit- would be extremely bad. That is why President Obama is initiating special programs to improve the security of the net as well as grid. One does have to give him credit. Despite overwhelming odds and being handed one of the worst messed up legacies, he is working with limited resources on extremely demanding problems. Just FYI in general. We have reason for concern and people are working on it. Medclinician |
|
MelodyAtHome
Valued Member Joined: May 16 2006 Location: United States Status: Offline Points: 2018 |
Post Options
Thanks(0)
|
Live Free or Die Hard was an EXCELLENT movie...you all should rent it or get it from the library.:O)
Melody
|
|
Melody
Emergency Preparedness 911 http://emergencypreparedness911.blogspot.com/ |
|
Post Reply | |
Tweet
|
Forum Jump | Forum Permissions You cannot post new topics in this forum You cannot reply to topics in this forum You cannot delete your posts in this forum You cannot edit your posts in this forum You cannot create polls in this forum You can vote in polls in this forum |